These determine the assumed/default size of instruction operands, and restricts which opcodes are available, and how they are used.
Modern operating systems, booted inside Real mode,
Nelson NelsonBigHead
🌴
NelsonBigHead
/ ModulesFromPeb.c
Created
October 7, 2025 00:08
— forked from Spl3en/ModulesFromPeb.c
Get current process modules from PEB
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <subauth.h> | |
| #include <stdio.h> | |
| /* Windows structures */ | |
| typedef struct _PEB_LDR_DATA { | |
| BYTE Reserved1[8]; | |
| PVOID Reserved2[3]; | |
| LIST_ENTRY InMemoryOrderModuleList; | |
| } PEB_LDR_DATA, *PPEB_LDR_DATA; |
NelsonBigHead
/ x86-assembly-notes.md
Created
June 30, 2023 22:19
— forked from mikesmullin/x86-assembly-notes.md
Notes on x86-64 Assembly and Machine Code
NelsonBigHead
/ no_strings.hpp
Created
May 14, 2023 01:56
— forked from EvanMcBroom/no_strings.hpp
Encrypt Strings at Compile Time
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Copyright (C) 2022 Evan McBroom | |
| // If you are using Visual Studio, you will need to disable the "Edit and Continue" feature. | |
| // Prng based off of Parker Miller's | |
| // "Multiplicative Linear Congruential Generator" | |
| // https://en.wikipedia.org/wiki/Lehmer_random_number_generator | |
| namespace mlcg { | |
| constexpr uint32_t modulus() { | |
| return 0x7fffffff; | |
| } |
NelsonBigHead
/ switch-statements-with-full-strings.md
Created
May 14, 2023 01:54
— forked from EvanMcBroom/switch-statements-with-full-strings.md
Switch Statements with Full Strings
C++11 introduced the constexpr keyword for defining a constant expression.
A constant expression is a variable or function that may be evaluated at compile time. This has many uses, including extending a switch statement to support full strings.
C++ only supports using an integer as the condition in a switch statement and an integer that is known at compile time in a case statement.
You can define a hash function and use it to convert a string to an integer to use in a switch statement.
If you define that hash function as a constexpr you can use it to convert a string literal to an integer to use in a case statement as well.
NelsonBigHead
/ pic-and-string-literals-2.md
Created
May 14, 2023 01:24
— forked from EvanMcBroom/pic-and-string-literals-2.md
Pic and String Literals Part 2
I previously wrote about how to use macro metaprogramming to simplify using string literals in position independent code (PIC). The results are summarized in the below code snippet and the article can be read on GitHub.
void f() {
// Example 1: The Pic idiom for instantiating a string
char picString1[]{ 'a', 'b', 'c' };
NelsonBigHead
/ pic-and-string-literals.md
Created
May 14, 2023 01:24
— forked from EvanMcBroom/pic-and-string-literals.md
Position Independent Code and String Literals
A common programming idiom when writing position independent code (PIC) is to expand a string literal into its individual characters when instantiating a local variable.
void f() {
// Example 1: A normal instantiation with a string literal
char a[]{ "a long string" };
// Example 2: The Pic idiom for instantiating a string
NelsonBigHead
/ encrypting-strings-at-compile-time.md
Created
May 14, 2023 01:23
— forked from EvanMcBroom/encrypting-strings-at-compile-time.md
Encrypting Strings at Compile Time
Thank you to SpecterOps for supporting this research and to Duane and Matt for proofreading and editing! Crossposted on the SpecterOps Blog.
TLDR: You may use this header file for reliable compile time string encryption without needing any additional dependencies.
Programmers of DRM software, security products, or other sensitive code bases are commonly required to minimize the amount of human readable strings in binary output files. The goal of the minimization is to hinder others from reverse engineering their proprietary technology.
Common approaches that are taken to meet this requirement often add an additional maintenance burden to the developer and are prone to error. These approaches will be presented along with t
NelsonBigHead
/ GetPhysicalDriveSerialNumber.cpp
Created
March 14, 2023 02:47
— forked from LambdaSix/GetPhysicalDriveSerialNumber.cpp
Getting a harddrives serial number.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <atlstr.h> | |
| DWORD GetPhysicalDriveSerialNumber(UINT nDriveNumber, CString& strSerialNumber) | |
| { | |
| DWORD dwResult = NO_ERROR; | |
| strSerialNumber.Empty(); | |
| // Format physical drive path (may be '\\.\PhysicalDrive0', '\\.\PhysicalDrive1' and so on). | |
| CString strDrivePath; |
NelsonBigHead
/ main.cpp
Created
March 14, 2023 02:46
— forked from micjabbour/main.cpp
C++ WinAPI - get first physical drive serial number
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <memory> | |
| #include <string> | |
| //returns the serial number of the first physical drive in a std::string or an empty std::string in case of failure | |
| //based on http://codexpert.ro/blog/2013/10/26/get-physical-drive-serial-number-part-1/ | |
| std::string getFirstHddSerialNumber() { | |
| //get a handle to the first physical drive | |
| HANDLE h = CreateFileW(L"\\\\.\\PhysicalDrive0", 0, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); | |
| if(h == INVALID_HANDLE_VALUE) return {}; |
NelsonBigHead
/ drvscan.cpp
Created
September 8, 2022 01:11
— forked from adrianyy/drvscan.cpp
vulnerable driver scanner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <string> | |
| #include <vector> | |
| #include <fstream> | |
| #include <iostream> | |
| #include <filesystem> | |
| #include <Windows.h> | |
| #include <winternl.h> | |
| static_assert( sizeof( void* ) == 8 ); |